Cyber Crime
ICICI Bank Faces Potential Data Breach; Suspected Ransomware Group ‘BASHE’ Involved
NEW DELHI: The infamous ransomware group, Bashe, has claimed responsibility for breaching the database of ICICI Bank, one of India’s leading banking institutions. According to information discovered on the dark web, the hackers have set a deadline of January 24, 2025, for the payment of a ransom to prevent the public release of sensitive information. The claim was accompanied by a warning that failure to comply with their demands would result in data exposure.
Registrations Open for FutureCrime Summit 2025: India’s Largest Conference on Technology-Driven Crime
What We Know So Far
The Bashe hacking group, known for targeting high-value businesses, allegedly accessed confidential data belonging to ICICI Bank. While the bank has not made any public acknowledgment of the breach, the claim has gained attention on the dark web forums, where Bashe operates.
The group posted a timer counting down to the deadline and offered an option for ICICI Bank to “buy the data immediately.”
🚨Cyberattack Alert ‼️
🇮🇳India – ICICI Bank
Bashe hacking group claims to have breached ICICI Bank.
Ransom deadline: 24th Jan 25. pic.twitter.com/CCGjYve997
— HackManac (@H4ckManac) January 22, 2025
Bashe: A New Name in the Ransomware Landscape
Bashe is a relatively new but formidable player in the world of cybercrime. Emerging in April 2024, the group is reportedly associated with LockBit, one of the most notorious ransomware operators. Bashe has made its mark by targeting industries like banking, healthcare, logistics, and technology across countries including India, the United States, the United Kingdom, France, Germany, and Australia.
The group uses sophisticated strategies and Tor-based infrastructure allegedly based in the Czech Republic, allowing it to avoid detection and maintain anonymity. Its highly organized operations are designed to optimize ransom demands by threatening exposure of stolen sensitive data.
A History of High-Profile Attacks
This is not Bashe’s first attempt to disrupt the Indian banking sector. In December 2024, the group claimed to have breached Federal Bank, stealing a database containing 637,895 entries. The alleged breach raised concerns about the growing vulnerability of financial institutions to ransomware attacks.
With ICICI Bank now allegedly in their crosshairs, the threat posed by Bashe appears to be escalating. Their focus on high-value organizations and critical infrastructure highlights the growing risks faced by the global banking sector.
Despite the claims circulating on the dark web, ICICI Bank has not issued any official statements regarding a breach. This is not the first time ICICI bank has faced such allegations. in April 2023 a Cybernews investigation revealed a bank leaked sensitive data due to system misconfiguration. The Bank then denied all the allegations.
It must be noted that ICICI Bank’s resources were designated “critical information infrastructure” by the Indian government in 2022, meaning any compromise could impact national security.
ICICI Bank, with its millions of customers and extensive digital infrastructure, represents a lucrative target for cybercriminals. Any breach could potentially expose sensitive customer data, harm the bank’s reputation, and undermine public trust.
Growing Concern Over Cybersecurity in India
The alleged breach of ICICI Bank comes at a time when Indian businesses are increasingly becoming the targets of ransomware attacks. Experts in the cybersecurity field are urging financial institutions to invest in robust security protocols to prevent future incidents.
Bashe’s association with LockBit—a group responsible for numerous high-profile attacks—adds a layer of complexity to the situation. The group’s ability to operate internationally and its focus on critical industries demonstrate the need for a coordinated response to cyber threats.
𝐃𝐢𝐬𝐜𝐥𝐚𝐢𝐦𝐞𝐫 : 𝐈𝐂𝐈𝐂𝐈 𝐁𝐚𝐧𝐤 𝐡𝐚𝐬 𝐧𝐨𝐭 𝐩𝐮𝐛𝐥𝐢𝐜𝐥𝐲 𝐚𝐜𝐤𝐧𝐨𝐰𝐥𝐞𝐝𝐠𝐞𝐝 𝐚𝐧𝐲 𝐬𝐮𝐜𝐡 𝐛𝐫𝐞𝐚𝐜𝐡. 𝐓𝐡𝐮𝐬 𝐭𝐡𝐞 𝐢𝐧𝐟𝐨𝐫𝐦𝐚𝐭𝐢𝐨𝐧 𝐢𝐬 𝐟𝐮𝐥𝐥𝐲 𝐛𝐚𝐬𝐞𝐝 𝐨𝐧 𝐭𝐡𝐞 𝐝𝐚𝐫𝐤𝐰𝐞𝐛 𝐫𝐞𝐬𝐞𝐚𝐫𝐜𝐡.